Vigil@nce - GTK+: integer overflow of gdk_cairo_set_source_pixbuf
April 2016 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
An attacker can generate an integer overflow in
gdk_cairo_set_source_pixbuf of GTK+, in order to trigger a denial
of service, and possibly to run code.
Impacted products: Fedora, GTK+, openSUSE, openSUSE Leap, Ubuntu.
Severity: 2/4.
Creation date: 11/02/2016.
DESCRIPTION OF THE VULNERABILITY
GTK+ embeds the GDK graphics library, which notably handles image
display. However, if the image dimensions are too large, a
multiplication overflows, and the allocated memory area is too
small for the source image.
An attacker can therefore generate an integer overflow in
gdk_cairo_set_source_pixbuf of GTK+, in order to trigger a denial
of service, and possibly to run code.
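
The size arithmetic described above, as an added example (it is not GTK+ code and not part of the bulletin): an unchecked 32-bit width x height x bytes-per-pixel product beside a version that rejects dimensions whose product does not fit. The function names, the 4 bytes per pixel and the INT32_MAX size cap are assumptions made for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

#define BYTES_PER_PIXEL   4u                    /* assumption: 32-bit pixels */
#define MAX_SURFACE_BYTES ((uint32_t)INT32_MAX) /* assumption: sizes must fit a signed int */

/* Unchecked: the 32-bit product wraps silently, so the result can be far
 * smaller than the memory the image really needs. */
uint32_t surface_size_unchecked(uint32_t width, uint32_t height)
{
    return width * BYTES_PER_PIXEL * height;
}

/* Checked: divide before multiplying so neither step can wrap.
 * Returns 0 and stores the size in *out, or -1 if the dimensions are
 * zero or the buffer would exceed MAX_SURFACE_BYTES. */
int surface_size_checked(uint32_t width, uint32_t height, size_t *out)
{
    if (width == 0 || height == 0)
        return -1;
    if (width > MAX_SURFACE_BYTES / BYTES_PER_PIXEL)
        return -1;                               /* row size would overflow */
    uint32_t stride = width * BYTES_PER_PIXEL;   /* safe after the check above */
    if (height > MAX_SURFACE_BYTES / stride)
        return -1;                               /* total size would overflow */
    *out = (size_t)stride * height;
    return 0;
}

int main(void)
{
    /* Constructed sample dimensions: one normal image, two oversized ones. */
    const uint32_t dims[][2] = { {640, 480}, {65536, 16384}, {0x40000001u, 1} };
    for (size_t i = 0; i < sizeof dims / sizeof dims[0]; i++) {
        size_t n = 0;
        int rc = surface_size_checked(dims[i][0], dims[i][1], &n);
        printf("%ux%u: unchecked=%u bytes, checked=%s (%zu bytes)\n",
               (unsigned)dims[i][0], (unsigned)dims[i][1],
               (unsigned)surface_size_unchecked(dims[i][0], dims[i][1]),
               rc == 0 ? "accepted" : "rejected", n);
    }
    return 0;
}
```

With the unchecked computation, the two oversized inputs yield buffer sizes of 0 and 4 bytes, which is the undersized allocation the description refers to.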
ACCESS TO THE COMPLETE VIGIL@NCE BULLETIN
https://vigilance.fr/vulnerability/GTK-integer-overflow-of-gdk-cairo-set-source-pixbuf-18929